13 matches found
PT-2026-41768
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: A missing check in the PSD decoder allows the list-length resource policy to be bypassed during the decoding of a PSD image. Other security limits remain active...
Busting VPN myths: What a VPN can do for your privacy and what it can’t
March 6th, 2026. If you’re reading this blog, you have probably heard of or used a VPN before. The truth is, VPNs are incredibly useful! They are one of the most effective tools for protecting your online privacy...
EUVD-2025-24236
Malicious code in bioql PyPI...
CVE-2025-40766
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a denial-of-service (DoS) attack...
CVE-2025-40766
The CVE-2025-40766 vulnerability affects Siemens SINEC Traffic Analyzer versions prior to 3.0. The issue arises from docker containers running with insufficient resource and security limitations, enabling a local attacker to perform a denial-of-service (DoS) attack. Evidence across multiple sourc...
CVE-2025-40766
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a denial-of-service (DoS) attack...
CVE-2022-3456 Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0...
WP Limits <= 1.0 - Plugin's Settings Update via CSRF
The plugin does not have a CSRF check when saving its settings, allowing an attacker to make a logged-in admin change them, which could make the blog unstable by setting low values. PoC...
CVE-2020-10732
A flaw was found in the Linux kernel’s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data. Mitigation: A possible mitigation would be to disable core dumps system-wide by setting: hard core 0 In the...
[oss-security] CVE request: PowerDNS in default configuration is vulnerable to DoS attack
It was found [1] that in default configuration PowerDNS is allowed to consume more file descriptors than is available for a default installation of many Linux distributions. Default configuration is: 2 threads / 2048 max-mthreads, which leads to a theoretical FD consumption of 4096. Default FD limi...
php forge local file inclusion vulnerability-vulnerability warning-the black bar safety net
Code: <?php $page=$_GET['page']; include($page.'php'); ?> You can use http://www.xxx.com/index.php?page=../etc/passwd http://www.xxx.com/index.php?page=../../../etc/passwd http://www.xxx.com/index.php?page=..../../etc/passwd Get more data: etc/profile etc/services the /etc/passwd /etc/shadow the...
CVE-2006-2607
CVE-2006-2607 refers to a local privilege escalation in vixie-cron 4.1 where do_command.c does not check the return value of setuid(), potentially allowing root privileges to be gained if setuid() fails (e.g., because of PAM limits or resource limits). Connected advisories confirm this vulnerability and document patches/ups...
rsh security update
CentOS Errata and Security Advisory CESA-2005:165. Updated rsh packages that fix various bugs and a theoretical security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The rsh package contains a set of programs that allow use...